/*******************************************************************************
 * Copyright (c) 2011-11-24 @author <a href="mailto:iffiff1@hotmail.com">Tyler Chen</a>.
 * All rights reserved.
 *
 * Contributors:
 *     <a href="mailto:iffiff1@hotmail.com">Tyler Chen</a> - initial API and implementation
 ******************************************************************************/
package org.redhat.auth.security.core;

import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator;
import org.springframework.security.web.access.WebInvocationPrivilegeEvaluator;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;

/**
 * @author <a href="mailto:iffiff1@hotmail.com">Tyler Chen</a> 
 * @since 2011-11-24
 */
public class AuthDefaultWebInvocationPrivilegeEvaluator implements
		WebInvocationPrivilegeEvaluator {

	public AuthDefaultWebInvocationPrivilegeEvaluator() {
		{
			abstractSecurityInterceptor = new AuthFilterSecurityInterceptor();
			{
				abstractSecurityInterceptor
						.setAuthenticationManager(authenticationManager);
			}
			{
				abstractSecurityInterceptor
						.setAccessDecisionManager(accessDecisionManager);
			}
			{
				((AuthFilterSecurityInterceptor) abstractSecurityInterceptor)
						.setSecurityMetadataSource(filterInvocationSecurityMetadataSource);
			}
		}
		webInvocationPrivilegeEvaluator = new DefaultWebInvocationPrivilegeEvaluator(
				abstractSecurityInterceptor);
	}

	private WebInvocationPrivilegeEvaluator webInvocationPrivilegeEvaluator;

	private AbstractSecurityInterceptor abstractSecurityInterceptor;

	private AuthenticationManager authenticationManager;
	private AccessDecisionManager accessDecisionManager;
	private FilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource;

	public void setWebInvocationPrivilegeEvaluator(
			WebInvocationPrivilegeEvaluator webInvocationPrivilegeEvaluator) {
		this.webInvocationPrivilegeEvaluator = webInvocationPrivilegeEvaluator;
	}

	public void setAbstractSecurityInterceptor(
			AbstractSecurityInterceptor abstractSecurityInterceptor) {
		this.abstractSecurityInterceptor = abstractSecurityInterceptor;
	}

	public void setAuthenticationManager(
			AuthenticationManager authenticationManager) {
		this.authenticationManager = authenticationManager;
	}

	public void setAccessDecisionManager(
			AccessDecisionManager accessDecisionManager) {
		this.accessDecisionManager = accessDecisionManager;
	}

	public void setFilterInvocationSecurityMetadataSource(
			FilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource) {
		this.filterInvocationSecurityMetadataSource = filterInvocationSecurityMetadataSource;
	}

	public boolean isAllowed(String uri, Authentication authentication) {
		return webInvocationPrivilegeEvaluator != null
				&& webInvocationPrivilegeEvaluator.isAllowed(uri,
						authentication);
	}

	public boolean isAllowed(String contextPath, String uri, String method,
			Authentication authentication) {
		return webInvocationPrivilegeEvaluator != null
				&& webInvocationPrivilegeEvaluator.isAllowed(contextPath, uri,
						method, authentication);
	}

}
